Fix joining over federation

This commit is contained in:
Erik Johnston 2014-11-07 10:42:44 +00:00
parent 8b0e96474b
commit 49948d72f3
5 changed files with 55 additions and 56 deletions

View File

@ -24,6 +24,7 @@ from synapse.api.events.room import (
RoomJoinRulesEvent, RoomCreateEvent, RoomJoinRulesEvent, RoomCreateEvent,
) )
from synapse.util.logutils import log_function from synapse.util.logutils import log_function
from syutil.base64util import encode_base64
import logging import logging
@ -61,8 +62,6 @@ class Auth(object):
# FIXME # FIXME
return True return True
self._can_send_event(event)
if event.type == RoomMemberEvent.TYPE: if event.type == RoomMemberEvent.TYPE:
allowed = self.is_membership_change_allowed(event) allowed = self.is_membership_change_allowed(event)
if allowed: if allowed:
@ -71,6 +70,8 @@ class Auth(object):
logger.debug("Denying! %s", event) logger.debug("Denying! %s", event)
return allowed return allowed
self._can_send_event(event)
if event.type == RoomPowerLevelsEvent.TYPE: if event.type == RoomPowerLevelsEvent.TYPE:
self._check_power_levels(event) self._check_power_levels(event)
@ -311,6 +312,54 @@ class Auth(object):
def is_server_admin(self, user): def is_server_admin(self, user):
return self.store.is_server_admin(user) return self.store.is_server_admin(user)
@defer.inlineCallbacks
def add_auth_events(self, event):
if event.type == RoomCreateEvent.TYPE:
event.auth_events = []
return
auth_events = []
key = (RoomPowerLevelsEvent.TYPE, "", )
power_level_event = event.old_state_events.get(key)
if power_level_event:
auth_events.append(power_level_event.event_id)
key = (RoomJoinRulesEvent.TYPE, "", )
join_rule_event = event.old_state_events.get(key)
key = (RoomMemberEvent.TYPE, event.user_id, )
member_event = event.old_state_events.get(key)
if join_rule_event:
join_rule = join_rule_event.content.get("join_rule")
is_public = join_rule == JoinRules.PUBLIC if join_rule else False
if event.type == RoomMemberEvent.TYPE:
if event.content["membership"] == Membership.JOIN:
if is_public:
auth_events.append(join_rule_event.event_id)
elif member_event:
auth_events.append(member_event.event_id)
if member_event:
if member_event.content["membership"] == Membership.JOIN:
auth_events.append(member_event.event_id)
hashes = yield self.store.get_event_reference_hashes(
auth_events
)
hashes = [
{
k: encode_base64(v) for k, v in h.items()
if k == "sha256"
}
for h in hashes
]
event.auth_events = zip(auth_events, hashes)
@log_function @log_function
def _can_send_event(self, event): def _can_send_event(self, event):
key = (RoomPowerLevelsEvent.TYPE, "", ) key = (RoomPowerLevelsEvent.TYPE, "", )

View File

@ -61,7 +61,6 @@ class SynapseEvent(JsonEncodedObject):
"replaces_state", "replaces_state",
"redacted_because", "redacted_because",
"origin_server_ts", "origin_server_ts",
"auth_events",
] ]
internal_keys = [ internal_keys = [
@ -75,6 +74,7 @@ class SynapseEvent(JsonEncodedObject):
"hashes", "hashes",
"signatures", "signatures",
"prev_state", "prev_state",
"auth_events",
] ]
required_keys = [ required_keys = [

View File

@ -18,11 +18,6 @@ from twisted.internet import defer
from synapse.api.errors import LimitExceededError from synapse.api.errors import LimitExceededError
from synapse.util.async import run_on_reactor from synapse.util.async import run_on_reactor
from synapse.crypto.event_signing import add_hashes_and_signatures from synapse.crypto.event_signing import add_hashes_and_signatures
from synapse.api.events.room import (
RoomCreateEvent, RoomMemberEvent, RoomPowerLevelsEvent, RoomJoinRulesEvent,
)
from synapse.api.constants import Membership, JoinRules
from syutil.base64util import encode_base64
import logging import logging
@ -59,53 +54,6 @@ class BaseHandler(object):
retry_after_ms=int(1000*(time_allowed - time_now)), retry_after_ms=int(1000*(time_allowed - time_now)),
) )
@defer.inlineCallbacks
def _add_auth(self, event):
if event.type == RoomCreateEvent.TYPE:
event.auth_events = []
return
auth_events = []
key = (RoomPowerLevelsEvent.TYPE, "", )
power_level_event = event.old_state_events.get(key)
if power_level_event:
auth_events.append(power_level_event.event_id)
key = (RoomJoinRulesEvent.TYPE, "", )
join_rule_event = event.old_state_events.get(key)
key = (RoomMemberEvent.TYPE, event.user_id, )
member_event = event.old_state_events.get(key)
if join_rule_event:
join_rule = join_rule_event.content.get("join_rule")
is_public = join_rule == JoinRules.PUBLIC if join_rule else False
if event.type == RoomMemberEvent.TYPE:
if event.content["membership"] == Membership.JOIN:
if is_public:
auth_events.append(join_rule_event.event_id)
elif member_event:
auth_events.append(member_event.event_id)
if member_event:
if member_event.content["membership"] == Membership.JOIN:
auth_events.append(member_event.event_id)
hashes = yield self.store.get_event_reference_hashes(
auth_events
)
hashes = [
{
k: encode_base64(v) for k, v in h.items()
if k == "sha256"
}
for h in hashes
]
event.auth_events = zip(auth_events, hashes)
@defer.inlineCallbacks @defer.inlineCallbacks
def _on_new_room_event(self, event, snapshot, extra_destinations=[], def _on_new_room_event(self, event, snapshot, extra_destinations=[],
extra_users=[], suppress_auth=False): extra_users=[], suppress_auth=False):
@ -115,7 +63,7 @@ class BaseHandler(object):
yield self.state_handler.annotate_state_groups(event) yield self.state_handler.annotate_state_groups(event)
yield self._add_auth(event) yield self.auth.add_auth_events(event)
logger.debug("Signing event...") logger.debug("Signing event...")

View File

@ -317,6 +317,7 @@ class FederationHandler(BaseHandler):
snapshot.fill_out_prev_events(event) snapshot.fill_out_prev_events(event)
yield self.state_handler.annotate_state_groups(event) yield self.state_handler.annotate_state_groups(event)
yield self.auth.add_auth_events(event)
self.auth.check(event, raises=True) self.auth.check(event, raises=True)
pdu = self.pdu_codec.pdu_from_event(event) pdu = self.pdu_codec.pdu_from_event(event)

View File

@ -310,6 +310,7 @@ class DataStore(RoomMemberStore, RoomStore,
"room_id": event.room_id, "room_id": event.room_id,
"auth_id": auth_id, "auth_id": auth_id,
}, },
or_ignore=True,
) )
(ref_alg, ref_hash_bytes) = compute_event_reference_hash(event) (ref_alg, ref_hash_bytes) = compute_event_reference_hash(event)